A quarter of healthcare organisations report medical device cyber-attacks, with 24% experiencing incidents over the past year that disrupted patient care, according to RunSafe Security. The security vendor polled 551 healthcare professionals across the US, UK and Germany to produce its 2026 Medical Device Cybersecurity Index. In 80% of cases, attacks affecting devices had a moderate or significant impact on patients, ranging from delayed imaging and postponed procedures to interruptions to critical care delivery.
Among the responses, 82% have deployed or are piloting runtime exploit protection, 84% include cyber in vendor RFPs, and 76% would pay extra for advanced protection. However, legacy equipment remains a problem, with 44% using devices with known unpatched vulnerabilities and 28% operating devices past end-of-support.
The findings come as device manufacturers face major attacks, including Medtronic admitting a data security incident after ShinyHunters listed the firm on its leak site in mid-April, with the threat actors claiming to have exfiltrated more than nine million records. Separately, Stryker was impacted in March when the Handala group wiped tens of thousands of corporate devices after accessing an Intune admin account.